【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
【多选题】
Which two ESA services are available for incoming and outgoing mails ?___
A. anti-DoS
B. reputation filter
C. antispam
D. content filter
E. DLP
【多选题】
What are two reasons to recommend SNMPv 3 over SNMPv2?___
A. SNMPv3 is secure because you can configure authe ntication and privacy
B. SNMPv3 is insecure because it send in formation in clear text
C. SNMPv2 is insecure because it send information in clear text
D. SNMPv3 is a Cisco proprietary protocol
E. SNMPv2 is secure because you can configure authentication and privacy
【多选题】
Which two actions can a zone- based firewall apply to a packet as it transits a zone pair?___
A. drop
B. inspect
C. queue
D. quarantine
【单选题】
Which security principle has been violated if data is altered in an unauthorized manner?___
A. accountability
B. confidentiality
C. availability
D. integrity
【单选题】
Which IKE Phase 1 parameter can you use to require the site-to-site VPN to use a pre-shared ?___
A. encryption
B. authentication
C. group
【单选题】
Which command successfully creates an administrative user with a password of "cisco"on a Cisco router?___
A. username Operator privilege 7 password cisco
B. username Operator privilege 1 password cisco
C. username Operator privilege 15 password cisco
D. username Operator password cisco privilege 15
【单选题】
Which EAP method authenticates a client against Active Directory without the use of client-side 802.1X certificates?___
A. EAP-TLS
B. EAP-MSCHAPv2
C. EAP-PEAP
D.
E. AP-GTC
【单选题】
What is a limitation of network-based IPS?___
A. It must be in dividually configured to support every operating system on the network.
B. It is most effective at the in dividual host level
C. It is unable to monitor attacks across the entire netw ork
D. Large installations require numerous sensors to fully protect the network
【单选题】
When would you configure the ip dhcp snooping trust command on a sw itch?___
A. when the switch is connected to a DHCP server
B. when the switch is working in an edge capacit
C. when the switch is connected to a client system
D. when the switch is serving as an aggregator
【单选题】
How does the 802. 1x supplicant communicate with the authentication server?___
A. The supplicant creates EAP packets and sends them to the authenticator, which encapsulates them into RADIUS and forwards them to the authentication server.
B. The supplicant creates RADIUS packets and sends them to the authe nticator, which encapsulates the m into EAP and forwards them to the a uthentication server.
C. The supplicant creates RADIUS packets and sends them to the authenticator, which translates them into eap and forwards them to the a ut hentication server
D. The supplicant creates
E. AP packets and sends them to the authe nticator, which translates them into radius and forwards them to the authentication server.
【单选题】
Which command do you enter to verify the phase I status of a VPN connection?___
A. sh crypto se ssion
B. debug crypto isakmp
C. sh crypto isakmp sa
D. sh crypto ipsec sa
【单选题】
Refer to the exhibit. what is the e ffect of the given configuration?___
A. It enables authentication,
B. It prevents keychain authentication.
C. The two routers receive normal updates from one another.
D. The two device s are able to pass the message digest to one another.
【单选题】
Which command can you enter to configure OSPF to use hashing to authenticate routing updates?___
A. ip ospf aut hentication message-digest
B. neighbor 192 168.0 112 cost md5
C. ip ospf priority 1
D. ip ospf aut hentication-key
【单选题】
Which command can you enter to verify the status of Cisco lOS Resilient Configuration on a Cisco router?___
A. show secure bootset
B. secure boot-image
C. show binary file
D. ure boot-config
【单选题】
A user on your network inadvertently activates a botnet program that was received as an emai attachment. Which type of mechanism does Cisco Firepower use to detect and block only the botnet attack?___
A. network-based access control rule
B. reputation-based
C. user-ba sed access control rule
D. botnet traffic filter
【单选题】
What does the policy map do in CoPP?___
A. defines service parameters
B. defines packet selection parameters
C. defines the packet filter
D. define s the action to be performed
【单选题】
How is management traffic isolated on a Cisco ASR 1002?___
A. Traffic isolation is done on the vlan level
B. There is no management traffic isolation on a Cisco ASR 1002
C. Traffic is isolated based upon how you configure routing on the device
D. The management interface is configured in a special vRF that provides traffic isolation from the default routing table
【单选题】
Which statement about NaT table evaluation in the asa is true?___
A. After-auto NAT polices are appl d first
B. Manual NAT policies are applied first
C. the asa uses the most specific match
D. Auto NAT policies are applied first
【单选题】
Which information can you display by executing the show crypto ipsec sa command?___
A. ISAKMP SAs that are established between two peers
B. recent changes to the IP address of a peer router
C. proxy infor mation for the connection between two peers
D. IPsec SAs established between two peers
【单选题】
How can you prevent NAT rules from sending traffic to incorrect interfaces?___
A. Assign the output interface in the NAT statement
B. Add the no-proxy-arp command to the nat line.
C. Configure twice NAT instead o bject NAT. 5
D. Use packet-tracer rules to reroute misrouted NAT entries.
【单选题】
What term can be defined as the securing, control, and identification of digital data?___
A. cryptography
B. crypto key
C. cryptoanalysis
D. cryptology
【单选题】
Which feature in the dNS security module provide on and off network DNS protection?___
A. Data Loss Prevention
B. Umbrella
C. Real-time sandboxing
D. Layer-4 monitoring
【单选题】
Which a dverse consequence can occur on a network without BPDu guard ?___
A. The olde st switch can be elected as the root bridge
B. Unauthorized switches that are connected to the network can cause spanning-tree loops
C.
D. ouble tagging can cause the switches to experience CAM table overload.
【单选题】
What configuration is required for multitenancy ?___
A. shared infrastructure
B. multiple carriers
C. co-located resources
D. multiple separate zones
【单选题】
Why does ISE require its own certificate issued by a trusted CA?___
A. ISEs certificate allows guest devices to validate it as a trusted network device
B. It generates certificates for guest devices ba sed on its own certificate
C. It requests certificates for guest devices from the Ca server based on its own certificate.
D. ISE's certificate allows it to join the network security framework
【单选题】
which attack involves large numbers of ICMP packets with a spoofed source IP address?___
A. smurf attack
B. Teardrop attack
C. Nuke attack
D. SYN Flood attack
【单选题】
Which statement about interface and global access rules is true?___
A. Interface access rules are processed before global access rules.
B. Global access rules apply only to outbound traffic, but interface access rules can be applied in either direction
C. The implicit allow is proce ssed after both the global and interface access rules
D. If an interface access rule is applied, the global access rule is ignored
【单选题】
Which type of malicious software can create a back-door into a device or network?___
A. bot
B. worm
C. virus
D. Trojan
【单选题】
Which security term refers to the like lihood that a weakness will be exploited to cause damage to an asset?___
A. threat
B. risk
C. countermeasure
D. vulnerability
【单选题】
Which IPS detection method examines network traffic for preconfigured patterns?___
A. signature-based detection
B. honey-pot detection
C. anomaly-based detection
D. policy-based detection
【单选题】
What is an advantage of split tunneling ?___
A. It allows users with a VpN connection to a corporate network to access the internet with sending traffic across the cor porate network.
B. It allows users with a vpn connection to a corporate network to access the internet by using the vPN for security.
C. It protects traffic on the private network from users on the public network
D. It enables the VPN server to filter traffic more efficiently
【单选题】
Which IDS/IPS state misidentifies acceptable behavior as an attack ?___
A. false negative
B. true positive NEKA G
C. true negative
D. false positive
【单选题】
What is the maximum num ber of methods that a single method list can contain?___
推荐试题
【多选题】
新时代中国特色社会主义发展战略安排的提出,是___
A. 在综合分析国际国内形势和我国发展条件之后作出的重大决策
B. 是党适应我国发展实际作出的必然选择
C. 对动员全党全国各族人民万众一心实现中华民族伟大复兴的中国梦具有重大意义
D. 应对国际挑战的新举措
【多选题】
共享内涵主要指___
A. 全民共享
B. 全面共享
C. 共建共享
D. 渐进共享
【多选题】
深化供给侧结构性改革的主要内容___
A. 推进增长动能转换,以加快发展先进制造业为重点全面提升实体经济
B. 深化要素市场化配置改革,实现由以价取胜向以质取胜的转变
C. 加大人力资本培育力度,更加注重调动和保护人的积极性
D. 坚持续推进‘三去一降一补’,优化市场供求结构
【多选题】
供给侧结构性改革中提出“三去一降一补”是指哪些___
A. 去库存
B. 去杠杆
C. 降成本
D. 补短板
【多选题】
推动供给侧结构性改革、振兴实体经济发展的重要力量是___
A. 高素质的企业家
B. 工匠
C. 劳模
D. 工程师
【多选题】
十八大提出“五位一体”总体布局是指哪些___
A. 经济建设
B. 政治建设
C. 文化建设
D. 社会建设
【多选题】
坚持质量第一、效益优先,以供给侧结构性改革为主线,推动经济发展___
A. 质量变革
B. 效率变革
C. 动力变革
D. 提高全要素生产率
【多选题】
现代化经济体系主要内容有___
A. 建设创新引领、协同发展的产业体系
B. 建设统一开放、竞争有序的市场体系
C. 建设体现效率、促进公平的收入分配体系
D. 建设彰显优势、协调联动的城乡区域发展体系
【多选题】
建设现代化经济体系,需要扎实管用的政策举措和行动。当前,要突出抓好的工作有___
A. 大力发展实体经济
B. 加快实施创新驱动发展战略
C. 激发各类市场主体活力
D. 积极推动城乡域协调发展
【多选题】
走中国特色社会主义政治发展道路,必须坚持___有机统一
A. 党的领导
B. 人民当家作主
C. 依法治国
D. 以德治国
【多选题】
坚持党的领导,就要___
A. 发挥党总揽全局、协调各方的领导核心作用
B. 改进党的领导方式
C. 保证党领导人民有效治理国家
D. 改进党的执政方式
【多选题】
实现人民当家作主,就要___
A. 扩大人民有序政治参与
B. 保证人民依法实行民主选举、民主协商、民主决策、民主管理、民主监督
C. 巩固基层政权,完善基层民主制度
D. 保障人民知情权、参与权、表达权、监督权
【多选题】
坚持依法治国,就要___
A. 维护国家法制统一、尊严、权威
B. 加强人权法治保障
C. 保证人民依法享有广泛权利和自由
D. 健全依法决策机制,构建决策科学、执行坚决、监督有力的权力运行机制
【多选题】
我国基本政治制度是指___
A. 中国共产党领导的多党合作和政治协商制度
B. 人民代表大会制度
C. 民族区域自治制度
D. 基层群众自治制度
【多选题】
发展协商民主,必须___
A. 推进协商民主广泛多层制度化发展
B. 统筹政党协商、政府协商、政协协商
C. 积极开展人大协商、基层协商、人民团体协商,逐步探索社会组织协商,构建程序合理、环节完整的社会主义协商民主体系
D. 确保协商民主有制可依、有规可守、有章可循、有序可遵,不断提高协商民主的科学性和实效性
【多选题】
如何巩固和发展爱国统一战线___
A. 坚持长期共存、互相监督、肝胆相照、荣辱与共,支持民主党派按照中国特色社会主义参政党要求更好履行职能
B. 深化民族团结进步教育,铸牢中华民族共同体意识
C. 全面贯彻党的宗教工作基本方针,坚持我国宗教的中国化,积极引导宗教与社会主义社会相适应
D. 牢牢把握大团结大联合的主题,做好统战工作。
【多选题】
全面准确贯彻“一国两制”方针,必须始终___
A. 准确把握“一国”和“两制”的关系
B. 依照宪法和基本法办
C. 聚焦发展这个第一要务
D. 维护和谐稳定的社会环境
【多选题】
扎实推进祖国和平统一进程,对台工作大政方针有___
A. 坚持“和平统一、一国两制”方针
B. 推动两岸关系和平发展
C. 坚持一个中国原则和“九二共识”
D. 坚决反对和遏制任何形式的“台独”
【多选题】
掌握意识形态工作领导权,要___
A. 旗帜鲜明坚持马克思主义指导地位
B. 加快构建中国特色哲学社会科学
C. 坚持正确的舆论导向
D. 建设好网络空间
【多选题】
舆论导向正确是党和人民之福,舆论导向错误是党和人民之祸。好的舆论可以成为___
A. 发展的“推进器”
B. 民意的“晴雨表”
C. 社会的“粘合剂”
D. 道德的“风向标”
【多选题】
___
A. 民众的“迷魂汤”
B. 社会的“分离器”
C. 杀人的“软刀子”
D. 动乱的“催化剂”
【多选题】
核心价值观内容是___
A. 富强、民主、文明、和谐,
B. 自由、公平、公正、法治,
C. 爱国、敬业、诚信、友善
D. 自由、平等、公正、法治
【多选题】
社会主义核心价值体系内容是___
A. 马克思主义指导思想
B. 中国特色社会主义共同理想
C. 以爱国主义为核心的民族精神和以改革创新为核心的时代精神
D. 社会主义荣辱观
【多选题】
培育和践行社会主义核心价值观,要___
A. 把社会主义核心价值观融入社会生活各个方面
B. 坚持全民行动、干部带头,从家庭做起、从娃娃抓起
C. 立足中华优秀传统文化和革命文化
D. 发扬中国人民在长期奋斗中培育、继承、发展起来的伟大民族精神
【多选题】
建设社会主义文化强国,必须___
A. 培养高度的文化自信
B. 大力发展文化事业
C. 提高国家文化软实力
D. 大力发展文化产业
【多选题】
提高国家文化软实力,要___
A. 努力弘扬中华文化,推进中华文化创新发展
B. 讲好中国故事,传播好中国声音,阐释好中国特色
C. 增强对外话语的创造力、感召力和公信力,提高国际话语权
D. 加强当代中国价值观念的提炼与阐释,拓展对外传播平台和载体
【多选题】
文化强国是指一个国家具有强大的文化力量。这种力量表现为___
A. 高度文化素养的国民
B. 发达的文化产业
C. 文化自信
D. 强大的文化软实力
【多选题】
提高保障和改善民生水平的主要内容有___
A. 优先发展教育事业
B. 提高就业质量和人民收入水平
C. 加强社会保障体系建设
D. 坚决打赢脱贫攻坚战
【多选题】
加强和创新社会治理的主要内容有___
A. 创新社会治理体制
B. 改进社会治理方式
C. 加强社区治理体系建设
D. 加强社会心理服务体系建设
【多选题】
坚持总体国家安全观主要内容是指___
A. 完善国家安全体系
B. 健全公共安全体系
C. 推进平安中国建设
D. 加强国家安全能力建设
【多选题】
形成人与自然和谐发展新格局要 做到___
A. 把节约资源放在首位
B. 坚持保护优先、自然恢复为主
C. 着力推进绿色发展、循环发展、低碳发展
D. 形成节约资源和保护环境的空间格局、产业结构、生产方式、生活方式
【多选题】
加快生态文明体制改革主要内容是___
A. 推进绿色发展
B. 着力解决突出环境问题.
C. 加大生态系统保护力度
D. 改革生态环境监管体制
【多选题】
保持香港、澳门长期繁荣稳定,必须全面准确贯彻___的方针。
A. “一国两制”
B. “港人治港”
C. “澳人治澳”
D. 高度自治
【多选题】
巩固和发展爱国统一战线。坚持___,支持民主党派按照中国特色社会主义参政党要求更好履行职能。
A. 长期共存
B. 互相监督
C. 肝胆相照
D. 荣辱与共
【多选题】
加强社会治理制度建设,完善党委领导、政府负责、社会协同、公众参与、法治保障的社会治理体制,提高社会治理___水平。
A. 社会化
B. 法治化
C. 智能化
D. 专业化
【多选题】
必须坚持___为主的方针,形成节约资源和保护环境的空间格局、产业结构、生产方式、生活方式,还自然以宁静、和谐、美丽。
A. 事先预防
B. 节约优先
C. 保护优先
D. 自然恢复
【多选题】
构建市场导向的绿色技术创新体系,发展绿色金融,壮大___
A. 节能环保产业
B. 清洁生产产业
C. 绿色科技产业
D. 清洁能源产业
【多选题】
倡导简约适度、绿色低碳的生活方式,反对奢侈浪费和不合理消费,开展创建节约型机关___等行动。
A. 绿色家庭
B. 绿色学校
C. 绿色社区
D. 绿色出行
【多选题】
提高污染排放标准,强化排污者责任,健全___等制度。
A. 环保信用评价
B. 污染企业备案
C. 信息强制性披露
D. 严惩重罚
